Vulnerabilities > Vmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-23 | CVE-2019-11287 | Use of Externally-Controlled Format String vulnerability in multiple products Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. | 7.5 |
| 2019-11-20 | CVE-2019-5542 | Unspecified vulnerability in VMWare Fusion and Workstation VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain a denial-of-service vulnerability in the RPC handler. | 7.7 |
| 2019-11-20 | CVE-2019-5540 | Memory Leak vulnerability in VMWare Fusion and Workstation VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain an information disclosure vulnerability in vmnetdhcp. | 7.7 |
| 2019-10-18 | CVE-2019-16919 | Incorrect Default Permissions vulnerability in multiple products Harbor API has a Broken Access Control vulnerability. | 7.5 |
| 2019-10-10 | CVE-2019-5527 | Use After Free vulnerability in VMWare products ESXi, Workstation, Fusion, VMRC and Horizon Client contain a use-after-free vulnerability in the virtual sound device. | 8.8 |
| 2019-09-18 | CVE-2019-5534 | Insufficiently Protected Credentials vulnerability in VMWare Vcenter Server 6.0/6.5/6.7 VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j) contains an information disclosure vulnerability where Virtual Machines deployed from an OVF could expose login information via the virtual machine's vAppConfig properties. | 7.7 |
| 2019-09-18 | CVE-2019-5532 | Information Exposure Through Log Files vulnerability in VMWare Vcenter Server 6.0/6.5/6.7 VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j) contains an information disclosure vulnerability due to the logging of credentials in plain-text for virtual machines deployed through OVF. | 7.7 |
| 2019-06-26 | CVE-2019-11272 | Insufficiently Protected Credentials vulnerability in multiple products Spring Security, versions 4.2.x up to 4.2.12, and older unsupported versions support plain text passwords using PlaintextPasswordEncoder. | 7.3 |
| 2019-06-06 | CVE-2019-5525 | Use After Free vulnerability in VMWare Workstation VMware Workstation (15.x before 15.1.0) contains a use-after-free vulnerability in the Advanced Linux Sound Architecture (ALSA) backend. | 8.8 |
| 2019-06-06 | CVE-2019-5522 | Out-of-bounds Read vulnerability in VMWare Tools VMware Tools for Windows update addresses an out of bounds read vulnerability in vm3dmp driver which is installed with vmtools in Windows guest machines. | 7.1 |